package com.frame.auth.mvc.web;

import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.SessionAttributes;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import java.util.Map;

/**
 * @auther zhangwj
 * @date 2021/3/22 下午1:57
 */
@Controller
@RequestMapping(value = "login")
@SessionAttributes("authorizationRequest")
public class LoginController {

    @GetMapping(value = "index")
    public ModelAndView loginPage() {
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("base-login");
        return modelAndView;
    }

    @RequestMapping(value = "confirm_access")
    public ModelAndView getAccessConfirmation(Map<String, Object> model, HttpServletRequest request) {
        AuthorizationRequest authorizationRequest = (AuthorizationRequest) model.get("authorizationRequest");
        if (request.getAttribute("_csrf") != null) {
            model.put("_csrf", request.getAttribute("_csrf"));
        }
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("base-grant");
        modelAndView.addObject("clientId", authorizationRequest.getClientId());
        modelAndView.addObject(model);
        modelAndView.addObject("scopes", authorizationRequest.getScope());
        return modelAndView;
    }
}
